<?
class Admin {

	var $loginname;
	var $password;


     function anti_inyection(){
        $this->loginname=sql_quote($this->loginname);
		$this->password=sql_quote($this->password);
     }
     
	 function __construct($loginname="",$password="") {

		$this->loginname=$loginname;
		$this->password=$password;
        $this->anti_inyection();

	}

	function seleccion_todo_administrador($con){
		$strselect="SELECT * FROM administrador;";
		$resultado = mysql_query($strselect,$con);
		return $resultado;
	}

	function seleccion_administrador($con){
	$this->anti_inyection();
		$strselect="SELECT * FROM administrador WHERE loginname = '$this->loginname' AND password = '$this->password';";

                $resultado = mysql_query($strselect,$con);
		return $resultado;
	}

	function seleccion_administradorxadministrador($con){
	$this->anti_inyection();
		$strselect="SELECT * FROM administrador WHERE loginname = '$this->loginname';";
		$resultado = mysql_query($strselect,$con);
		return $resultado;
	}

	function eliminar_administrador($con) {
	$this->anti_inyection();
		$strdelete="delete from administrador where loginname='$this->loginname';";
		mysql_query($strdelete,$con) or die (mysql_error());
	}
	function modificar_administrador($con){
	$this->anti_inyection();
		$srtupdate="UPDATE administrador SET password='$this->password' where loginname='$this->loginname'";
		mysql_query($srtupdate,$con) or die (mysql_error());
	}
	function insertar_administrador($con) {
	$this->anti_inyection();
		$strinsert="insert into administrador (loginname, password) values('$this->loginname','$this->password');";
		mysql_query($strinsert,$con) or die (mysql_error())	;
	}

	function asignar_administrador($loginanme,$password) {
		$this->loginname=$loginanme;
		$this->password=$password;
		$this->anti_inyection();
	}

	function grabar_cookie($con){
	$this->anti_inyection();
		$srtupdate="UPDATE administrador SET cookie='$this->cookie' where loginname='$this->loginname'";
		mysql_query($srtupdate,$con);
	}

	function validarLogin($con){
	$this->anti_inyection();
		$ssql = "select * from administrador where loginname = '" . $this->loginname . "' and password='" .$this->password. "'";
		return mysql_query($ssql, $con);
	}
	function existeadministrador($con){
	$this->anti_inyection();

		$string= "SELECT COUNT(loginname)".
		         " FROM administrador
				   WHERE loginname='".$this->loginname."'";

		$result= mysql_query($string, $con ) or die(mysql_error());
		$row = mysql_fetch_row( $result );
		$totalRows = $row[0];

		if($totalRows>0){
			return true;
		}else{
			return false;
		}
	}


}
